summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormaxim <maxim@FreeBSD.org>2003-02-17 13:39:57 +0000
committermaxim <maxim@FreeBSD.org>2003-02-17 13:39:57 +0000
commitd08c1f6ee18856519bcf0884b104278d8f4e1695 (patch)
tree59716fe254111866cdfa78b5f766ae04f30ee3ec
parent8900ca0cc322ca355bfe097dcaa68c3533fae160 (diff)
downloadFreeBSD-src-d08c1f6ee18856519bcf0884b104278d8f4e1695.zip
FreeBSD-src-d08c1f6ee18856519bcf0884b104278d8f4e1695.tar.gz
o Fix ipfw uid rules: socheckuid() returns 0 when uid matches a socket
cr_uid. Note: we do not have socheckuid() in RELENG_4, ip_fw2.c uses its own macro for a similar purpose that is why ipfw2 in RELENG_4 processes uid rules correctly. I will MFC the diff for code consistency. Reported by: Oleg Baranov <ol@csa.ru> Reviewed by: luigi MFC after: 1 month
Diffstat
-rw-r--r--sys/netinet/ip_fw2.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index 1f02a9c..e35078f 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -1511,11 +1511,11 @@ check_body:
if (pcb == NULL || pcb->inp_socket == NULL)
break;
#if __FreeBSD_version < 500034
-#define socheckuid(a,b) ((a)->so_cred->cr_uid == (b))
+#define socheckuid(a,b) ((a)->so_cred->cr_uid != (b))
#endif
if (cmd->opcode == O_UID) {
match =
- socheckuid(pcb->inp_socket,
+ !socheckuid(pcb->inp_socket,
(uid_t)((ipfw_insn_u32 *)cmd)->d[0]);
} else {
match = groupmember(
OpenPOWER on IntegriCloud